
58 matches found

CNNVD
added 2026/05/27 12:0 a.m. | 5 views

Synology BeeDrive Security Vulnerability

Synology BeeDrive is a backup and synchronization device developed by the Chinese company Synology. Versions of Synology BeeDrive prior to 1.3.2-13814 contained a security vulnerability. This vulnerability stemmed from the redis-server component, where external access to certain files or...

6.8 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 1

Snyk
added 2026/05/18 8:21 p.m. | 3 views

External Control of File Name or Path

Overview: nicegui is a package described as "Create web-based user interfaces with Python. The nice way." Affected versions of this package are vulnerable to External Control of File Name or Path via the preparecontent function. An attacker can access sensitive local files readable by the server by supplying specially...

8.7 CVSS | 5.8 AI score
Exploits: 0 | References: 2

UbuntuCve
added 2026/05/12 10:16 p.m. | 7 views

CVE-2026-44301

Hugo is a static site generator. From 0.43 to before 0.161.0, when building a Hugo site that uses Node-based asset pipelines (PostCSS, Babel, TailwindCSS), Hugo invoked the configured Node tools without restrictions on file system access. As a result, executing hugo against an untrusted site could...

8.6 CVSS | 5.8 AI score | 0.00044 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2026/05/12 12:0 a.m. | 4 views

Security Updates for Microsoft Word Products (May 2026)

The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. (CVE-2026-40364) - Use after free in...

8.4 CVSS | 6.1 AI score | 0.00192 EPSS
Exploits: 0 | References: 7

Vulnrichment
added 2026/05/06 4:10 p.m. | 3 views

CVE-2026-7875 NanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment Handling

NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and...

9.3 CVSS | 5.9 AI score | 0.00017 EPSS
Exploits: 0 | References: 3

EUVD
added 2026/04/22 12:31 a.m. | 1 views

EUVD-2026-24506

nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update,...

6.3 CVSS | 5.9 AI score | 0.00039 EPSS
Exploits: 0 | References: 5

UbuntuCve
added 2026/04/22 12:0 a.m. | 2 views

CVE-2026-33748

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is...

8.2 CVSS | 5.8 AI score | 0.0003 EPSS
Exploits: 0 | References: 5

Veracode
added 2026/04/04 5:27 a.m. | 3 views

Path Traversal

ONNX is vulnerable to Path Traversal. The vulnerability is due to improper handling of symlinks allowing directory traversal, which allows an attacker to access and read arbitrary files outside the intended directory...

8.7 CVSS | 5.9 AI score | 0.00031 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Github Security Blog
added 2026/03/24 4:35 p.m. | 4 views

GoDoxy has a Path Traversal Vulnerability in its File API

Summary: The file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Join(common.ConfigBasePath, filename) where ConfigBasePath = "config" (a relative path). No sanitization or validation is applied beyond checking that...

6.5 CVSS | 5.9 AI score | 0.00044 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2026/03/24 3:31 a.m. | 2 views

EUVD-2026-14664

Vulnerability in Spring Cloud when substituting the profile parameter from a request made to the Spring Cloud Config Server configured to the native file system as a backend, because it was possible to access files outside of the configured search directories. This issue affects Spring Cloud: from...

8.6 CVSS | 5.8 AI score | 0.09681 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/03/12 6:44 p.m. | 2 views

Files or Directories Accessible to External Parties

Overview: Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the dev server configuration when server.fs.strict is set to false. An attacker can access sensitive files on the host system by sending crafted requests to the development server...

6.9 CVSS | 5.8 AI score | 0.06479 EPSS
Exploits: 1 | References: 2

NVD
added 2026/01/07 5:16 p.m. | 2 views

CVE-2025-67366

@sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. Version 0.5.8 of filesystem-mcp contains a critical path traversal vulnerability in its "readcontent" tool. This vulnerability arises from improper symlink handling in the path validation mechanism...

7.5 CVSS | 0.00082 EPSS
Exploits: 1 | References: 2

Positive Technologies
added 2026/01/06 12:0 a.m. | 2 views

PT-2026-1444

SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the edit config files CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/edit config files to access and modify file...

8.7 CVSS | 6.7 AI score | 0.00215 EPSS
Exploits: 2 | References: 6

RedhatCVE
added 2025/12/30 1:2 a.m. | 5 views

CVE-2025-15065

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...

8.6 CVSS | 6.8 AI score | 0.00005 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/12/29 12:9 a.m. | 24 views

CVE-2025-15065 Data Exposure in Kings Information & Network KESS Enterprise

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...

8.6 CVSS | 0.00005 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2025/12/16 12:0 a.m. | 1 views

Honeywell PM43 Industrial Printers Files or Directories Accessible to External Parties (CVE-2023-3712)

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Privilege Escalation. This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version...

7.8 CVSS | 7.1 AI score | 0.00079 EPSS
Exploits: 1 | References: 5

EUVD
added 2025/12/10 9:31 p.m. | 1 views

EUVD-2020-30839

Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system...

8.7 CVSS | 6.6 AI score | 0.08934 EPSS
Exploits: 1 | References: 5

Github Security Blog
added 2025/12/08 10:18 p.m. | 3 views

Static Web Server vulnerable to a symbolic link path traversal

Summary: Symbolic links (symlinks) could be used to access files or directories outside the intended web root folder. Details: SWS generally does not prevent symlinks from escaping the web server’s root directory. Therefore, if a malicious actor gains access to the web server’s root directory, they...

8.6 CVSS | 6.9 AI score | 0.00059 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Snyk
added 2025/11/24 11:31 p.m. | 1 views

Relative Path Traversal

Overview: Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

9.8 CVSS | 6.8 AI score
Exploits: 0 | References: 2

CNNVD
added 2025/11/20 12:0 a.m. | 2 views

SonicWALL Email Security Security Vulnerability

SonicWALL Email Security is an email security system from SonicWALL USA. A security vulnerability exists in SonicWall Email Security that stems from a path traversal attack that could result in access to files and directories outside of a restricted path...

5.3 CVSS | 6.8 AI score | 0.00044 EPSS
Exploits: 0 | References: 1